Information System Security Officer

TCI has an immediate need for an Information System Security Officer in Morrisville, NC. This is not a Corp2Corp opportunity. This is a long-term contract opportunity with the probability of becoming permanent. In addition to competitive, market-rate based pay, TCI provides all our Consultants with Comprehensive Medical/Dental Insurance, 401k, Life Insurance and Long-Term Disability benefits.
Please note that this position requires US Citizenship and a Public Trust Security Clearance prior to start.
SEEKING LOCAL CANDIDATES; NO REMOTE WORK
SUMMARY
The Information System Security Officer is familiar with Continuous Monitoring, ISO2K control sets, working in a GRC (preferably RSAM), and who understands DevSecOps, Cloud, O365, GC, or Azure experience a plus. Need candidate that can quickly assimilate.
RESPONSIBILITIES

• Works closely with Account Security Officer (ASO) and Segment Security Officers (SSO) to ensure operational security measures are implemented.
• Assesses and mitigates system security risks; determines and analyzes security requirements for implementation and testing.
• Reviews and continuously monitors implemented security controls.
• Creates and maintains security checklists, templates and other tools to aid in the A&A process.
• Performs security control assessment using NIST 800-53A guidance and as per continuous monitoring requirements.
• Performs risk analyses to determine and recommends essential safeguards.
• Proactively mitigates system vulnerabilities and recommends compensating controls.
• Prepares security authorization packages in accordance with the client contractual requirements.
• Develops core documents such as System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc.
• Maintains client-specific Plan of Action and Milestones and supports remediation activities.
• Maintains an inventory of hardware and software for the information system.
• Develops, tests and trains on Contingency and Incident Response planning.
• Conducts independent scans of application, network and database and utilizes Managed Security Services Vulnerability Assessment Team (VAT) support as applicable.
• Ability to influence OCISO Delivery system stakeholders in the execution of security and compliance requirements

REQUIREMENTS

• 10+ years’ experience working as an Information Assurance Analyst or similar role.
• Must possess a minimum of a Bachelor’s Degree with technical specialty such as cyber security, computer science, management information systems or related IT field.
• CERTIFICATIONS (One or more required): CompTIA Security +, CPTE - Certified, Penetration -Testing Engineer, CEH - Certified Ethical Hacker, Certified.
• Excellent communications skills.
• Knowledge of the security countermeasures and overall RMF and NIST 800 compliance.
• Experience as a Security consultant in Risk and Compliance.
• Knowledge of Federal Security, industry and market trends.
• Must be able to obtain a Public Trust Security Clearance prior to start.